Class CertPathValidatorUtilitiesCanl

java.lang.Object

eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilities

eu.emi.security.authn.x509.helpers.pkipath.bc.CertPathValidatorUtilitiesCanl

public class CertPathValidatorUtilitiesCanl
extends CertPathValidatorUtilities

Exposes otherwise hidden methods from CertPathValidatorUtilitiesCanl plus in some cases fixes bugs plus produces errors in the desired format.

Field Summary

Fields inherited from class CertPathValidatorUtilities

ANY_POLICY, AUTHORITY_KEY_IDENTIFIER, BASIC_CONSTRAINTS, CERTIFICATE_POLICIES, CRL_DISTRIBUTION_POINTS, CRL_NUMBER, CRL_SIGN, CRL_UTIL, crlReasons, DELTA_CRL_INDICATOR, FRESHEST_CRL, INHIBIT_ANY_POLICY, ISSUING_DISTRIBUTION_POINT, KEY_CERT_SIGN, KEY_USAGE, NAME_CONSTRAINTS, POLICY_CONSTRAINTS, POLICY_MAPPINGS, SUBJECT_ALTERNATIVE_NAME

Constructor Summary

Constructors

Constructor	Description
CertPathValidatorUtilitiesCanl()

Method Summary

Modifier and Type	Method	Description
static Collection<?>	findIssuerCerts(X509Certificate cert, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams)
static TrustAnchor	findTrustAnchorPublic(X509Certificate cert, Set<?> trustAnchors, String sigProvider)
protected static List<org.bouncycastle.jcajce.PKIXCRLStore>	getAdditionalStoresFromCRLDistributionPoint(org.bouncycastle.asn1.x509.CRLDistPoint crldp, org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams)
protected static Set	getCompleteCRLs(org.bouncycastle.asn1.x509.DistributionPoint dp, Object cert, Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX)	As CertPathValidatorUtilities.getCompleteCRLs(DistributionPoint, Object, Date, PKIXExtendedParameters) but it returns also expired CRLs.
protected static Set<?>	getCompleteCRLs2(org.bouncycastle.asn1.x509.DistributionPoint dp, X509Certificate cert, Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX)
protected static Set<X509CRL>	getDeltaCRLs2(Date currentDate, org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX, X509CRL completeCRL)	Fetches delta CRLs according to RFC 3280 section 5.2.4.
protected static org.bouncycastle.asn1.ASN1Primitive	getExtensionValue(X509Extension ext, String oid)
static BigInteger	getSerialNumber(Object cert)

Methods inherited from class CertPathValidatorUtilities

checkCRLsNotEmpty, findCertificates, findIssuerCerts, findTrustAnchor, findTrustAnchor, getAdditionalStoresFromAltNames, getAdditionalStoresFromCRLDistributionPoint, getAlgorithmIdentifier, getCertStatus, getCRLIssuersFromDistributionPoint, getDeltaCRLs, getNextWorkingKey, getQualifierSet, getValidCertDateFromValidityModel, getValidDate, isAnyPolicy, isSelfIssued, prepareNextCertB1, prepareNextCertB2, processCertD1i, processCertD1ii, removePolicyNode, verifyX509Certificate

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

CertPathValidatorUtilitiesCanl

public CertPathValidatorUtilitiesCanl()

Method Details

findTrustAnchorPublic

public static TrustAnchor findTrustAnchorPublic(X509Certificate cert,
 Set<?> trustAnchors,
 String sigProvider)
                                         throws org.bouncycastle.jce.provider.AnnotatedException

Throws:

org.bouncycastle.jce.provider.AnnotatedException

findIssuerCerts

public static Collection<?> findIssuerCerts(X509Certificate cert,
 org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams)
                                     throws org.bouncycastle.jce.provider.AnnotatedException

Throws:

org.bouncycastle.jce.provider.AnnotatedException

getCompleteCRLs2

protected static Set<?> getCompleteCRLs2(org.bouncycastle.asn1.x509.DistributionPoint dp,
 X509Certificate cert,
 Date currentDate,
 org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX)
                                  throws SimpleValidationErrorException

Throws:

SimpleValidationErrorException

getCompleteCRLs

protected static Set getCompleteCRLs(org.bouncycastle.asn1.x509.DistributionPoint dp,
 Object cert,
 Date currentDate,
 org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX)
                              throws org.bouncycastle.jce.provider.AnnotatedException

As CertPathValidatorUtilities.getCompleteCRLs(DistributionPoint, Object, Date, PKIXExtendedParameters) but it returns also expired CRLs.

Parameters:

dp -

cert -

currentDate -

paramsPKIX -

Returns:

A Set of X509CRLs.

Throws:

org.bouncycastle.jce.provider.AnnotatedException

getDeltaCRLs2

protected static Set<X509CRL> getDeltaCRLs2(Date currentDate,
 org.bouncycastle.jcajce.PKIXExtendedParameters paramsPKIX,
 X509CRL completeCRL)
                                     throws SimpleValidationErrorException

Fetches delta CRLs according to RFC 3280 section 5.2.4.

Parameters:

currentDate - The date for which the delta CRLs must be valid.

paramsPKIX - The extended PKIX parameters.

completeCRL - The complete CRL the delta CRL is for.

Returns:

A Set of X509CRLs with delta CRLs.

Throws:

SimpleValidationErrorException - if an exception occurs while picking the delta CRLs.

getExtensionValue

protected static org.bouncycastle.asn1.ASN1Primitive getExtensionValue(X509Extension ext,
 String oid)
                                                                throws org.bouncycastle.jce.provider.AnnotatedException

Throws:

org.bouncycastle.jce.provider.AnnotatedException

getAdditionalStoresFromCRLDistributionPoint

protected static List<org.bouncycastle.jcajce.PKIXCRLStore> getAdditionalStoresFromCRLDistributionPoint(org.bouncycastle.asn1.x509.CRLDistPoint crldp,
 org.bouncycastle.jcajce.PKIXExtendedBuilderParameters pkixParams)
                                                                                                 throws org.bouncycastle.jce.provider.AnnotatedException

Throws:

org.bouncycastle.jce.provider.AnnotatedException

getSerialNumber

public static BigInteger getSerialNumber(Object cert)